Hello pgmigg,
Thanks a lot for your help! I was able to do all the steps you described. During the OTL scan it seemed that my PC got stuck (the window showed "no answer"), but after a while the process went on. (I am answering in two replies, because the forum automatically tells me that the maximum number of allowed characters has been reached.)
The logs follow:
10:23:55.0220 3396 TDSS rootkit removing tool 2.7.0.0 Jan 10 2012 09:14:26
10:23:55.0340 3396 ============================================================
10:23:55.0340 3396 Current date / time: 2012/01/12 10:23:55.0340
10:23:55.0340 3396 SystemInfo:
10:23:55.0340 3396
10:23:55.0340 3396 OS Version: 6.0.6002 ServicePack: 2.0
10:23:55.0340 3396 Product type: Workstation
10:23:55.0340 3396 ComputerName: PHILIPP-PC
10:23:55.0341 3396 UserName: Philipp
10:23:55.0341 3396 Windows directory: C:\windows
10:23:55.0341 3396 System windows directory: C:\windows
10:23:55.0341 3396 Processor architecture: Intel x86
10:23:55.0341 3396 Number of processors: 2
10:23:55.0341 3396 Page size: 0x1000
10:23:55.0341 3396 Boot type: Normal boot
10:23:55.0341 3396 ============================================================
10:23:56.0287 3396 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000, SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K', Flags 0x00000050
10:23:56.0376 3396 Initialize success
10:23:58.0304 5968 ============================================================
10:23:58.0304 5968 Scan started
10:23:58.0304 5968 Mode: Manual;
10:23:58.0304 5968 ============================================================
10:24:08.0643 5968 SafeBoot (b48c00f75e7afcd122abb2ad87dfd270) C:\windows\system32\drivers\SafeBoot.sys
10:24:08.0643 5968 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: b48c00f75e7afcd122abb2ad87dfd270
10:24:08.0644 5968 SafeBoot ( LockedFile.Multi.Generic ) - warning
10:24:08.0644 5968 SafeBoot - detected LockedFile.Multi.Generic (1)
10:24:11.0954 5968 Wanarp (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
10:24:11.0965 5968 Wanarp - ok
10:24:11.0976 5968 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\windows\system32\DRIVERS\wanarp.sys
10:24:11.0978 5968 Wanarpv6 - ok
10:24:12.0019 5968 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\windows\system32\drivers\wd.sys
10:24:12.0030 5968 Wd - ok
10:24:12.0067 5968 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\windows\system32\drivers\Wdf01000.sys
10:24:12.0103 5968 Wdf01000 - ok
10:24:12.0237 5968 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\windows\system32\DRIVERS\wmiacpi.sys
10:24:12.0239 5968 WmiAcpi - ok
10:24:12.0298 5968 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\windows\system32\DRIVERS\wpdusb.sys
10:24:12.0308 5968 WpdUsb - ok
10:24:12.0338 5968 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\windows\system32\drivers\ws2ifsl.sys
10:24:12.0346 5968 ws2ifsl - ok
10:24:12.0404 5968 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\windows\system32\DRIVERS\WUDFRd.sys
10:24:12.0416 5968 WUDFRd - ok
10:24:12.0466 5968 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
10:24:12.0521 5968 \Device\Harddisk0\DR0 - ok
10:24:12.0528 5968 Boot (0x1200) (a1876755f2c5fdc3d1673befecfcabb7) \Device\Harddisk0\DR0\Partition0
10:24:12.0530 5968 \Device\Harddisk0\DR0\Partition0 - ok
10:24:12.0566 5968 Boot (0x1200) (9c104b37f03739f336649c8408073c9d) \Device\Harddisk0\DR0\Partition1
10:24:12.0567 5968 \Device\Harddisk0\DR0\Partition1 - ok
10:24:12.0583 5968 Boot (0x1200) (9b0db22242526e384824e068da039056) \Device\Harddisk0\DR0\Partition2
10:24:12.0584 5968 \Device\Harddisk0\DR0\Partition2 - ok
10:24:12.0588 5968 ============================================================
10:24:12.0588 5968 Scan finished
10:24:12.0588 5968 ============================================================
10:24:12.0608 2616 Detected object count: 1
10:24:12.0608 2616 Actual detected object count: 1
10:24:52.0663 2616 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
10:24:52.0663 2616 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
10:25:02.0155 3864 Deinitialize success
======================================================================
OTL-TXT:
OTL logfile created on: 12.01.2012 10:30:13 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Philipp\Desktop
Windows Vista Business Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,90 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 60,20% Memory free
6,00 Gb Paging File | 4,62 Gb Available in Paging File | 77,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 222,88 Gb Total Space | 48,32 Gb Free Space | 21,68% Space Free | Partition Type: NTFS
Drive D: | 9,00 Gb Total Space | 1,34 Gb Free Space | 14,93% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive F: | 1020,00 Mb Total Space | 995,36 Mb Free Space | 97,58% Space Free | Partition Type: FAT32
Computer Name: PHILIPP-PC | User Name: Philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.01.12 10:26:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
PRC - [2011.12.05 20:17:44 | 024,242,056 | ---- | M] (Dropbox, Inc.) -- C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.09.02 01:15:40 | 000,227,712 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE
PRC - [2011.07.21 23:07:38 | 000,718,720 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office14\MSOSYNC.EXE
PRC - [2011.06.29 05:53:21 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.27 14:12:05 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.12.08 20:17:46 | 001,226,608 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.11.04 06:59:43 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.21 13:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2010.09.21 13:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.01.09 20:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
PRC - [2009.04.10 22:28:04 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.04.10 22:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.06.21 00:37:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.06.21 00:37:24 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.06.10 19:21:16 | 000,238,896 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
PRC - [2008.06.10 19:13:58 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) -- c:\Programme\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe
PRC - [2008.06.06 01:07:52 | 000,256,512 | ---- | M] (SafeBoot International) -- c:\Programme\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
PRC - [2008.06.03 03:38:36 | 002,058,776 | ---- | M] (Intel Corporation) -- C:\Programme\Common Files\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2008.06.03 03:38:30 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\AMT\LMS.exe
PRC - [2008.06.02 21:11:34 | 000,065,808 | ---- | M] (Bioscrypt Inc.) -- c:\Programme\Hewlett-Packard\IAM\Bin\asghost.exe
PRC - [2008.05.15 23:11:12 | 001,176,824 | ---- | M] (AuthenTec, Inc.) -- c:\Programme\Fingerprint Sensor\AtService.exe
PRC - [2008.03.31 22:41:22 | 000,091,440 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
PRC - [2007.12.11 21:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007.10.19 16:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE
PRC - [2007.05.16 00:08:40 | 000,182,576 | ---- | M] (ActivIdentity) -- c:\Programme\ActivIdentity\ActivClient\accoca.exe
PRC - [2007.05.16 00:08:38 | 000,095,024 | ---- | M] (ActivIdentity) -- c:\Programme\ActivIdentity\ActivClient\acevents.exe
PRC - [2007.05.16 00:08:08 | 000,293,168 | ---- | M] (ActivIdentity) -- C:\Programme\ActivIdentity\ActivClient\accrdsub.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.13 15:38:05 | 005,450,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011.10.13 15:33:41 | 007,950,848 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011.10.13 15:33:12 | 011,490,816 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010.12.08 20:18:26 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2010.12.08 20:17:46 | 001,226,608 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2009.03.29 20:42:14 | 000,167,936 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Xml.resources\2.0.0.0_de_b77a5c561934e089\System.Xml.resources.dll
MOD - [2009.03.29 20:42:12 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
========== Win32 Services (SafeList) ==========
SRV - [2011.06.29 05:53:21 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.12 10:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.04.27 14:12:05 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.06.21 00:37:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2008.06.10 19:13:58 | 000,018,944 | ---- | M] (Hewlett-Packard Development Company, L.P) [Auto | Running] -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe -- (HP ProtectTools Service)
SRV - [2008.06.06 01:07:52 | 000,256,512 | ---- | M] (SafeBoot International) [Auto | Running] -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe -- (HpFkCryptService)
SRV - [2008.06.03 03:38:36 | 002,058,776 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2008.06.03 03:38:30 | 000,174,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\AMT\LMS.exe -- (LMS) Intel(R)
SRV - [2008.06.02 21:06:56 | 000,112,400 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Programme\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2008.06.02 21:06:50 | 000,137,488 | ---- | M] (Bioscrypt Inc.) [Auto | Running] -- c:\Programme\Hewlett-Packard\IAM\Bin\ASChnl.dll -- (ASChannel)
SRV - [2008.05.15 23:11:12 | 001,176,824 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- c:\Programme\Fingerprint Sensor\AtService.exe -- (ATService)
SRV - [2008.01.21 03:23:59 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.12.11 21:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2007.10.19 16:28:24 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2007.05.16 00:08:40 | 000,182,576 | ---- | M] (ActivIdentity) [Auto | Running] -- c:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
========== Driver Services (SafeList) ==========
DRV - [2011.06.29 05:53:22 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.29 05:53:22 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.06.06 01:08:44 | 000,051,376 | ---- | M] (SafeBoot N.V.) [Kernel | Boot | Running] -- C:\windows\System32\drivers\SbAlg.sys -- (SbAlg)
DRV - [2008.06.06 01:08:42 | 000,012,928 | ---- | M] (SafeBoot International) [File_System | Boot | Running] -- C:\windows\System32\drivers\SbFsLock.sys -- (SbFsLock)
DRV - [2008.06.06 01:08:40 | 000,012,496 | ---- | M] (SafeBoot International) [Kernel | System | Running] -- C:\windows\System32\drivers\rsvlock.sys -- (RsvLock)
DRV - [2008.06.06 01:08:38 | 000,109,184 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\System32\drivers\SafeBoot.sys -- (SafeBoot)
DRV - [2008.05.15 21:29:32 | 000,475,520 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2008.05.08 08:32:14 | 000,046,080 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008.04.28 15:29:26 | 003,658,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel(R)
DRV - [2008.04.14 22:39:06 | 000,009,344 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CPQBttn.sys -- (HBtnKey)
DRV - [2008.04.10 16:27:34 | 001,804,160 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.04.08 03:13:46 | 000,025,448 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\windows\system32\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV - [2008.04.08 03:13:42 | 000,034,664 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Accelerometer.sys -- (Accelerometer)
DRV - [2008.03.27 20:39:58 | 000,224,384 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress) Intel(R)
DRV - [2008.03.26 23:12:56 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2008.03.01 01:13:38 | 001,202,560 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.01.21 03:23:51 | 000,045,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2007.06.19 01:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006.12.20 10:08:00 | 000,047,616 | ---- | M] (RICOH Company, Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rismc32.sys -- (rismc32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://webmail.uzh.ch/
IE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Users\Philipp\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
O1 HOSTS File: ([2011.05.19 12:38:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {2EECD738-5844-4a99-B4B6-146BF802613B} - No CLSID value found.
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Credential Manager for HP ProtectTools) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Programme\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (Softonic Deutsch FF Toolbar) - {9d81af43-de53-48d0-a199-42c2a226b24c} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\..\Toolbar\WebBrowser: (Softonic Deutsch FF Toolbar) - {9D81AF43-DE53-48D0-A199-42C2A226B24C} - C:\Programme\Softonic_Deutsch_FF\tbSoft.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [accrdsub] c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe (ActivIdentity)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CognizanceTS] c:\Programme\Hewlett-Packard\IAM\Bin\ASTSVCC.dll (Bioscrypt Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [picon] C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation)
O4 - HKLM..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE (Hewlett-Packard Development Company, L.P.)
O4 - HKU\S-1-5-21-285388904-2522916759-3500499248-1003..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-285388904-2522916759-3500499248-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &AOL Toolbar-Suche - C:\ProgramData\AOL\ieToolbar\resources\de-CH\local\search.html ()
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O16 - DPF: {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://idlmail08.lotus.uzh.ch/dwa85W.cab (IBM Lotus iNotes 8.5 Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos-be ... canner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E69FD266-8496-4DC1-B24B-C0792CE34904}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) -C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (C:\Windows\System32\APSHook.dll) -C:\Windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - AppInit_DLLs: (APSHook.dll) -C:\windows\System32\APSHook.dll (Bioscrypt Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O24 - Desktop WallPaper: C:\Users\Philipp\Pictures\Wochenende 1. Advent 2006 001.jpg
O24 - Desktop BackupWallPaper: C:\Users\Philipp\Pictures\Wochenende 1. Advent 2006 001.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.01.12 10:26:29 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2012.01.12 10:23:23 | 001,972,528 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Philipp\Desktop\tdsskiller.exe
[2012.01.12 09:34:19 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{9D45000C-BC89-4257-A0FF-4D1F6C3CE714}
[2012.01.12 09:34:07 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{7AC9C94C-A860-4C9A-8EC7-6B6A1482E767}
[2012.01.11 11:11:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mciseq.dll
[2012.01.11 11:10:06 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\packager.dll
[2012.01.11 11:09:37 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2012.01.11 11:08:31 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\quartz.dll
[2012.01.11 11:08:30 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\qdvd.dll
[2012.01.11 09:31:16 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{DD7007BA-92FB-48C9-A048-879C003B6DE2}
[2012.01.11 09:31:05 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{2A69B9B7-312F-41E4-B760-FEBEAF4C6AEE}
[2012.01.10 15:36:52 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{44277C99-5F8A-4A37-BC91-CB352205E9DE}
[2012.01.10 15:36:36 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{591E7677-F28F-4806-B0E0-5B54A784CB96}
[2012.01.10 09:16:44 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{DFEDA5D9-50D0-4BD8-A77B-6FDE4D2DFDE2}
[2012.01.10 09:16:33 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{B5CF66B8-2BC4-4FAD-8490-65D5AC1D7659}
[2012.01.09 12:32:29 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{244CC470-BF60-446A-AAD9-4E565A47E866}
[2012.01.09 12:32:16 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{9D0A0169-905D-4F29-9BE1-B1C3C255DA55}
[2012.01.08 19:31:28 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{75174F22-5541-4D7B-8553-1AF545E9CF7B}
[2012.01.08 19:31:12 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{9A2FEEA4-DEDC-4F7E-BBBE-A67F06625237}
[2012.01.08 08:49:45 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\MFchi
[2012.01.07 08:43:49 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{ED1214F5-B794-4586-9171-A04E238038CD}
[2012.01.07 08:43:37 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{8DB5A7A5-6CED-4779-8D91-915AC7C6912A}
[2012.01.06 15:42:07 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{12A9FEA5-386E-44E8-B930-05D15D69788A}
[2012.01.06 15:41:54 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{C706285C-4A1F-4C80-939F-EDA70C72B341}
[2012.01.05 12:26:22 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{F4DF812D-4714-42EA-9D27-5F81A894F183}
[2012.01.05 12:26:09 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{C4FC283B-FAFC-45EA-A476-081C9BAB7F5D}
[2012.01.04 23:22:59 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{322D3C69-1EAA-4BB1-80EF-5AB53C255015}
[2012.01.04 23:22:49 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{9241E61E-B561-4076-AB16-8B3107C48134}
[2012.01.04 19:53:39 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Philipp\Desktop\dds.scr
[2012.01.04 12:46:07 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{7399D53B-42EA-423E-9E77-016ABFF20332}
[2012.01.04 12:45:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{EA70005F-AFBB-44D7-976E-3A80F3ABDD4C}
[2012.01.04 09:13:12 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{2AF6F130-34AD-4B79-B6A1-7D942B0B15E1}
[2012.01.04 09:12:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{489DEC0D-65FC-4375-ABD5-293DAFEE5B86}
[2012.01.04 00:06:36 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Tim Bendzko - Nur Noch Kurz Die Welt Retten (Official Video)_data
[2012.01.03 22:16:37 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\Audacity
[2012.01.03 22:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\Audacity 1.3 Beta (Unicode)
[2012.01.03 11:53:08 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{0D6DF6E4-FABD-46C6-90B7-85A0E97C5A57}
[2012.01.03 11:52:57 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{D5C3F6DD-442D-453A-A33F-A0E446137835}
[2012.01.02 03:00:24 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{3998F65D-6316-4A11-8A4B-F01FD748FC8C}
[2012.01.02 03:00:10 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{22DA2D2A-AC0D-4EE5-853D-507AA2B8120B}
[2012.01.01 04:14:48 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{53599D04-D386-48FB-9AF2-548FB9072A66}
[2012.01.01 04:14:37 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{7F0BB10F-EC46-4EFF-8EB8-B668D1051E6F}
[2011.12.30 17:01:18 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Desktop\Brandhölzler
[2011.12.30 09:26:16 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{6CA49BFA-3A9B-4F29-AA42-C805CF51330F}
[2011.12.30 09:26:05 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{026334C4-48E7-4C7B-9BAF-8B47D18DF1DB}
[2011.12.30 08:24:56 | 000,000,000 | ---D | C] -- C:\Users\Philipp\Documents\capella
[2011.12.29 08:28:24 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{082C855B-2C8E-4004-A1F7-4BA063150DA3}
[2011.12.29 08:28:14 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{8486D5AB-5B7E-4EFC-8B11-F082E83FCFA2}
[2011.12.28 10:24:16 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{4A87E10B-E25B-4B5E-8CAD-4FEC7A046EB0}
[2011.12.28 10:24:04 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{64D72669-C3FD-4C6C-8A3E-91CB62D11C4C}
[2011.12.27 16:59:09 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{147DBEEC-056A-49A0-9839-1A5FFCA4C463}
[2011.12.27 16:58:56 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{A94EE76B-D24E-416C-8F8D-8BC47B5F47EE}
[2011.12.26 13:58:18 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{C9845FDC-B593-4EC8-8B5E-0ED65649347B}
[2011.12.26 13:58:08 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{7FF33556-F048-49B5-939F-90E82FB8218E}
[2011.12.25 16:51:11 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{99C4E6D9-4D5C-49E4-BA10-E703E8D17C5F}
[2011.12.25 16:50:58 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{341CF778-0EB4-4121-9497-CFCC64F4CA8D}
[2011.12.23 17:27:49 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Roaming\CD-LabelPrint
[2011.12.23 16:38:23 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{577923A7-520B-4E4F-94DC-6C7D733112BF}
[2011.12.23 16:38:12 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{046B9E8D-68CC-45D2-89CD-D610E849DFE7}
[2011.12.22 16:33:00 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{061A7FC2-C572-4D95-8CE6-68DAD2A2B47D}
[2011.12.22 16:32:46 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{56F85A82-14B0-447D-BEB5-D099812B7D4A}
[2011.12.21 22:31:41 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{023DEA77-5B81-4615-8354-8DA3BD3BD1C8}
[2011.12.21 22:31:17 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{1C30C29E-13FE-496E-99C5-9C65B106B1E8}
[2011.12.20 14:57:13 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{8E402F3C-CDBE-4C6A-AD24-4B28A611C4D7}
[2011.12.20 14:57:03 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{BF4B4285-8E70-4B6C-83CC-F58CA7BBF871}
[2011.12.19 11:05:05 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{E7532DD0-2773-48DC-8FE4-907452F87B04}
[2011.12.19 11:04:54 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{399AE9D0-863E-427C-B2B8-9E5CF0313E0B}
[2011.12.18 14:42:50 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{AF1016CE-5E94-413D-A916-0EF49625F655}
[2011.12.18 14:42:39 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{232A83B3-BE28-4F53-B0D5-CE9B2036E6BC}
[2011.12.17 10:59:35 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{707587E6-644D-4F01-B18A-D7ADF3BF06FD}
[2011.12.17 10:59:21 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{3BBED02E-93E8-4010-9CA3-05B460AAF52E}
[2011.12.16 10:04:49 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{8A13B6C4-3FB3-4055-B57A-F7644ADDFEF5}
[2011.12.16 10:04:37 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{9BCD71B9-6E03-414B-9F21-981D6AE0FB24}
[2011.12.15 23:21:13 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{B4312DEF-EF83-41C5-8CE0-E0C6F181F30D}
[2011.12.15 23:21:03 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{EB6D4C39-4627-4E25-8C1E-D1B9D058543D}
[2011.12.15 09:31:14 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{BB542C50-7770-49AE-83CD-413577AE8B9B}
[2011.12.15 09:31:03 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{16B4A539-8C85-498E-A646-B5C17CBBBB12}
[2011.12.14 23:53:24 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{401B261D-9AAF-4E30-B277-80234C28EB7A}
[2011.12.14 23:53:14 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{32450732-3C33-45AB-9260-41E72A09CB61}
[2011.12.14 23:39:05 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntkrnlpa.exe
[2011.12.14 23:39:05 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ntoskrnl.exe
[2011.12.14 23:39:03 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2011.12.14 23:39:03 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\EncDec.dll
[2011.12.14 23:38:27 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\csrsrv.dll
[2011.12.14 23:38:24 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tzres.dll
[2011.12.14 23:38:22 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll
[2011.12.14 23:38:21 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\url.dll
[2011.12.14 23:38:20 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\inetcpl.cpl
[2011.12.14 23:38:20 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mstime.dll
[2011.12.14 23:38:20 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll
[2011.12.14 23:38:20 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iedkcs32.dll
[2011.12.14 23:38:20 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\html.iec
[2011.12.14 23:38:20 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll
[2011.12.14 23:38:19 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb
[2011.12.14 23:38:19 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iepeers.dll
[2011.12.14 23:38:19 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe
[2011.12.14 23:38:19 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieUnatt.exe
[2011.12.14 23:38:19 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll
[2011.12.14 23:38:19 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesetup.dll
[2011.12.14 23:38:19 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll
[2011.12.14 23:38:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedsbs.dll
[2011.12.14 23:38:19 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\licmgr10.dll
[2011.12.14 23:38:19 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeedssync.exe
[2011.12.13 12:26:58 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{0BDAA2AB-B239-4AE5-A728-E952C55C3D83}
[2011.12.13 12:26:48 | 000,000,000 | ---D | C] -- C:\Users\Philipp\AppData\Local\{B698C1C1-8165-4F0E-A807-1064FA6CF109}
[2010.10.11 22:48:07 | 000,180,224 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2010.10.11 22:48:06 | 000,176,128 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll
[122 C:\Users\Philipp\Desktop\*.tmp files -> C:\Users\Philipp\Desktop\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\Users\Philipp\Documents\*.tmp files -> C:\Users\Philipp\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.01.12 10:26:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Philipp\Desktop\OTL.exe
[2012.01.12 10:23:29 | 001,972,528 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Philipp\Desktop\tdsskiller.exe
[2012.01.12 10:14:08 | 000,001,096 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.12 10:13:07 | 000,003,344 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.12 10:13:07 | 000,003,344 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.12 10:12:53 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.01.12 10:12:37 | 3116,646,400 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.12 09:07:02 | 000,001,100 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.12 00:41:19 | 000,000,012 | ---- | M] () -- C:\windows\bthservsdp.dat
[2012.01.11 17:19:00 | 000,000,426 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{CB254BC6-AF58-410C-B621-B7AA08168421}.job
[2012.01.04 19:53:43 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Philipp\Desktop\dds.scr
[2012.01.04 00:06:38 | 000,011,623 | ---- | M] () -- C:\Users\Philipp\Desktop\Tim Bendzko - Nur Noch Kurz Die Welt Retten (Official Video).aup
[2012.01.03 22:16:33 | 000,000,941 | ---- | M] () -- C:\Users\Philipp\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2012.01.03 22:16:26 | 006,110,720 | ---- | M] () -- C:\Users\Philipp\Desktop\Tim Bendzko - Nur Noch Kurz Die Welt Retten (Official Video).mp3
[2011.12.30 09:59:49 | 000,030,208 | ---- | M] () -- C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.18 03:20:46 | 000,000,680 | ---- | M] () -- C:\Users\Philipp\AppData\Local\d3d9caps.dat
[2011.12.15 15:22:55 | 000,383,424 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[122 C:\Users\Philipp\Desktop\*.tmp files -> C:\Users\Philipp\Desktop\*.tmp -> ]
[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]
[1 C:\Users\Philipp\Documents\*.tmp files -> C:\Users\Philipp\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.01.04 00:06:36 | 000,011,623 | ---- | C] () -- C:\Users\Philipp\Desktop\Tim Bendzko - Nur Noch Kurz Die Welt Retten (Official Video).aup
[2012.01.03 22:16:33 | 000,000,953 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2012.01.03 22:16:33 | 000,000,941 | ---- | C] () -- C:\Users\Philipp\Desktop\Audacity 1.3 Beta (Unicode).lnk
[2012.01.03 22:16:18 | 006,110,720 | ---- | C] () -- C:\Users\Philipp\Desktop\Tim Bendzko - Nur Noch Kurz Die Welt Retten (Official Video).mp3
[2011.12.17 17:24:25 | 000,000,680 | ---- | C] () -- C:\Users\Philipp\AppData\Local\d3d9caps.dat
[2011.05.21 06:31:31 | 000,116,224 | ---- | C] () -- C:\windows\System32\pdfcmnnt.dll
[2011.05.19 11:50:23 | 000,256,512 | ---- | C] () -- C:\windows\PEV.exe
[2011.05.19 11:50:23 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2011.05.19 11:50:23 | 000,089,088 | ---- | C] () -- C:\windows\MBR.exe
[2011.05.19 11:50:23 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2011.05.19 11:50:23 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2011.04.06 11:16:55 | 000,000,553 | ---- | C] () -- C:\windows\capella.INI
[2011.04.06 11:16:03 | 000,000,466 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010.11.09 18:51:21 | 000,000,286 | ---- | C] () -- C:\windows\reimage.ini
[2010.10.14 07:45:26 | 000,000,400 | ---- | C] () -- C:\windows\ODBC.INI
[2010.10.13 11:00:31 | 000,030,208 | ---- | C] () -- C:\Users\Philipp\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.13 09:39:36 | 000,062,976 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
[2010.10.13 09:39:28 | 000,117,248 | ---- | C] () -- C:\windows\System32\EhStorAuthn.dll
[2010.10.13 09:39:01 | 000,107,612 | ---- | C] () -- C:\windows\System32\StructuredQuerySchema.bin
[2010.10.12 21:36:26 | 000,018,904 | ---- | C] () -- C:\windows\System32\StructuredQuerySchemaTrivial.bin
[2010.10.12 05:58:28 | 000,022,720 | ---- | C] () -- C:\windows\System32\emptyregdb.dat
[2010.10.11 22:48:06 | 001,804,160 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2010.10.11 22:48:06 | 000,028,160 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2010.10.11 22:48:06 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2009.08.21 20:05:50 | 000,000,012 | ---- | C] () -- C:\windows\bthservsdp.dat
[2008.06.13 03:59:22 | 000,147,456 | ---- | C] () -- C:\windows\System32\igfxCoIn_v1502.dll
[2008.06.13 03:41:20 | 000,492,496 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2008.06.13 03:41:18 | 002,192,024 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2008.06.13 03:41:18 | 000,147,172 | ---- | C] () -- C:\windows\System32\igfcg550.bin
[2008.06.06 01:08:38 | 000,109,184 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2008.04.15 21:22:46 | 000,290,748 | ---- | C] () -- C:\windows\System32\perfi007.dat
[2008.04.15 21:22:45 | 000,151,614 | ---- | C] () -- C:\windows\System32\perfc007.dat
[2008.04.15 21:22:45 | 000,036,916 | ---- | C] () -- C:\windows\System32\perfd007.dat
[2008.04.15 21:22:45 | 000,000,000 | ---- | C] () -- C:\windows\System32\perfh007.dat
[2006.11.02 13:56:48 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2006.11.02 13:47:43 | 000,383,424 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2006.11.02 11:33:01 | 000,629,760 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,115,516 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\windows\System32\hpotscl1.dll
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2006.03.09 18:58:00 | 001,060,424 | ---- | C] () -- C:\windows\System32\WdfCoInstaller01000.dll
[2005.04.04 07:30:00 | 000,110,592 | ---- | C] () -- C:\windows\System32\scardsyn.dll
[1998.05.07 12:10:00 | 000,069,632 | ---- | C] () -- C:\windows\System32\ODMA32.dll
< End of report >
======================================================================